Internal controls are the rules and mechanisms established by an entity to ensure their compliance obligations are being met. In recent years, NERC and regional entities have placed an emphasis on reviewing an entity’s internal controls. Internal controls do not need to be so complicated that you need a full-time person managing them. PCS can create policies and procedures that contain internal controls as a natural part of your processes. Or, PCS can take your existing program and help identify and develop internal controls for your organization.
As noted by NERC, effective controls provide value and help registered entities with the following:
* self-identify and mitigate reliability risks and compliance issues, which could lead to the ability to self-log and correct lower-risk issues as Compliance Exceptions rather than navigating through the full enforcement process;
*improve their reliability and security;
* inform the Compliance Enforcement Authority’s development of the registered entity’s Compliance Oversight Plan (COP);
*reduce the burden for audit preparation with a continuous monitoring process rather than a periodic event associated with the registered entity’s preparation for compliance monitoring activity.